Re: [tor-dev] Alternative directory format for v3 client auth
George Kadianakis writes: > Hello haxxpop and David, > > here is a patch with an alternative directory format for v3 client auth > crypto key bookkeeping as discussed yesterday on IRC: >https://github.com/torproject/torspec/pull/23 > > Thanks for making me edit the spec because it made me think of various > details that had to be thought of. Hello again, there have been many discussions about client auth since that last email a month ago. Here is a newer branch that we want to get merged so that we proceed with implementation: https://github.com/torproject/torspec/pull/33 The first commit is the same as in the original post, and all subsequent commits are improvements on top of it. Here are a few high-level changes that were made after discussion: - Ditched intro auth for now, since descriptor auth is sufficient for our threat model, and trying to support two different auth types would complicate things. - Opted for a KISS design for now where we don't ask Tor to generate client auth keys neither on the client side or on the service side. For now we assume that client/service-side generated their keys with an external tool, and we will build such tools in the future, instead of spending too much time bikeshedding about it right now. - Client auth is enabled if the client auth directory is populated with the right files, instead of relying on torrc switches etc. Furthermore, the last three commits are quick mainly-cosmetic changes I did alone before posting this here. Inform me if you don't like those. I'll let this simmer here for a few days before merging it in torspec. Let me know if you have questions! Thanks for reading! ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
[tor-dev] Tor Browser for arm64/v8 on RPi3
@intrigeri I'll post there. Thanks for the heads up. ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
[tor-dev] [release] Onionoo 6.2-1.16.0
Hi, Onionoo's protocol was extended and has a minor version jump to 6.2. Download available at: https://dist.torproject.org/onionoo/6.2-1.16.0/ Protocol changes (also summarized in [0]): Added an "as" field to details document, deprecated the "as_number" field, added an "as_name" parameter to search for relays by AS name, and added support for comma-separated lists in the "as" and the "lookup" parameters. Software changes are summarized in the changelog [1]. The changes are already deployed on all onionoo.torproject.org instances. Unfortunately there are two known bugs affecting this release that were not fixed before deployment: Timestamps in graph history documents are incorrectly formatted which is currently breaking graphs in relay search. No data is lost and the graphs will reappear once this is resolved. (See #27039 [2]) Reverse DNS names are still being looked up slowly and so are missing for most relays. (See #27050 [3]) Please direct comments and questions to the metrics-team mailing list [4]. Thanks, Iain -- on behalf of the Metrics Team. [0] https://metrics.torproject.org/onionoo.html#versions_6_1 [1] https://gitweb.torproject.org/onionoo.git/plain/CHANGELOG.md?h=onionoo-6.2-1.16.0 [2] https://bugs.torproject.org/27039 [3] https://bugs.torproject.org/27050 [4] https://lists.torproject.org/cgi-bin/mailman/listinfo/metrics-team signature.asc Description: OpenPGP digital signature ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
